The case used to be, if you had users enter sensitive information, like a password, or you sold something online, you would install an SSL certificate and make your site secure. If you didn’t do either, you were fine not having a secure website.
That isn’t the case anymore. Now, Google is making it mandatory for every site to be secure. There has been talk about it for a few years now but there was never a date attached to it. We just knew it was coming.
In 2014 Google announced:
… over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal. For now it’s only a very lightweight signal — affecting fewer than 1% of global queries, and carrying less weight than other signals such as high-quality content— while we give webmasters time to switch to HTTPS. But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.
Now, Google doesn’t necessarily admit to what degree the SERPs (Search Engine Result Pages) are affected by this signal but some argue it is a lot more than Google let’s on.
About a year ago, Google officially announced that they would start letting visitors know your site was not secure and they put a date on it… “Early July 2018”
According to this blog post, the release happened on July 25th 2018. Chrome will now flag sites that aren’t secure and display a message to site visitors.
The new version of Chrome has been out for a little over a month now and more and more users will see the “NOT SECURE” flag as they update their browsers.
So what exactly is an SSL Certificate?
To put it simply, an SSL (Secure Socket Layer) Certificate is a security certificate that, once installed on your web server, activates a secure connection between the browser the visitor is using and the web server (where your site is located).
The website’s URL protocol will change from HTTP to HTTPS.
How much will an SSL Certificate set me back?
First of all, I want to put you conspiracy theorists at ease. Google doesn’t sell SSL certificates.
Now that we have that out of the way, as a general rule of thumb, you are looking at about $70/year for an SSL certificate. With that being said, there are some FREE options out there as well. Take a look at Let’s Encrypt.
Final Thoughts On SSL Certificates
Installing an SSL certificate isn’t really an option anymore. Everything from big E-commerce stores to personal blogs need to be secured if you expect traffic on them. Google will make this more and more of a priority over the coming years. They’ve taken huge steps so far and I don’t see them taking hand off the throttle anytime soon.
If you don’t already have an SSL certificate installed on your site, today is the day to do it! As more and more people update their Chrome browser, they will be slapped in the face with a huge NOT SECURE message. Think many of them will stick around? They damn sure won’t be signing up for any mailing lists or putting any other information in. That’s for sure.
Is your website secured? Have you noticed any changes in your ranking having a non HTTPS site versus an HTTP site? Let us know in the comments below.